
Re: Setting up a local DNS server but clients that use it can't access the internet


On Sat, Feb 24, 2018 at 12:13:31PM +0000, Aero Maxx wrote:
> On 24 February 2018 at 11:37, Reco <recoverym4n@xxxxxxxxx> wrote:
> > Ok, that actually gives us something.
> >
> > First things first, Virgin Media uses different nameservers, according
> > to the RIPE, at least. They are ns[1-4].virginmedia.net.
> >
> > Second, these cache[12].service.viginmedia.net you're trying to use as
> > forwarders may or may not be operational.
> > A couple of quick tests should clarify it (run it from the malfunctioning
> > DNS):
> >
> > dig in a debian.org @
> > dig in a debian.org @
> The above IP addresses are the ones that Debian found by itself when I
> installed it, and were already in the resolv.conf file prior to me editing
> it.

That can mean anything. But the good news is, forwarders are operational.

Ok, what about this (again, run it from the malfunctioning DNS, root is
needed for the second and third command):

dig in a debian.org @

ss -nplu


> > Is there a reason as to why the root DNSes aren't accessible to my BIND?
> >
> > You forgot to put your DNS server in the DMZ.
> > They block udp:53 and tcp:53 at Virgin Media.
> > Someone at *your* premises does the same.
> As previously mentioned each server and client has 2 network cards, one
> which provides internet access to the client or server, and the other
> provides internal services that are on the local network after the
> firewall, the DNS server shouldn't be accessible by any clients or servers
> that are on the internet/external side of my router/firewall.

You're talking about inbound connections, but your problem may lie with
the outbound ones.
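
The outbound-versus-inbound distinction drawn above can be checked from the DNS server itself. The following is an added example, not part of the original message: it sends the same query over udp/53 and tcp/53 to a forwarder and to a root server and reports which outbound paths answer. The forwarder address is taken from the command line because the thread does not show it; the function names and the use of a.root-servers.net as the root probe target are choices made for this example.

```python
import socket
import struct
import sys

ROOT_SERVER = "198.41.0.4"  # a.root-servers.net (well-known address)

def build_query(name, qtype=2, txid=0x5eed):
    """Encode a one-question DNS query (class IN, recursion not requested)."""
    labels = [l for l in name.strip(".").split(".") if l]
    qname = b"".join(bytes([len(l)]) + l.encode("ascii") for l in labels) + b"\x00"
    return struct.pack("!HHHHHH", txid, 0, 1, 0, 0, 0) + qname + struct.pack("!HH", qtype, 1)

def is_reply(query, data):
    """True if data is a DNS response (QR bit set) matching the query's ID."""
    return len(data) >= 12 and data[:2] == query[:2] and bool(data[2] & 0x80)

def probe(server, proto, query, timeout=3.0):
    """Send the query from this host over udp or tcp port 53; True on a reply."""
    try:
        if proto == "udp":
            with socket.socket(socket.AF_INET, socket.SOCK_DGRAM) as s:
                s.settimeout(timeout)
                s.sendto(query, (server, 53))
                return is_reply(query, s.recvfrom(4096)[0])
        with socket.create_connection((server, 53), timeout=timeout) as s:
            s.sendall(struct.pack("!H", len(query)) + query)  # TCP length prefix
            return is_reply(query, s.recv(4096)[2:])
    except OSError:  # timeout, connection refused, network unreachable
        return False

def diagnose(fwd_udp, fwd_tcp, root_udp, root_tcp):
    """Turn the four probe results into a verdict about outbound filtering."""
    if root_udp and root_tcp:
        return "root reachable on udp/53 and tcp/53: outbound DNS to the root is not filtered"
    if not (root_udp or root_tcp):
        if fwd_udp or fwd_tcp:
            return "only the forwarder answers: outbound port 53 to other servers is filtered"
        return "nothing answers: all outbound port 53 traffic is filtered or the link is down"
    blocked = "udp" if not root_udp else "tcp"
    return f"root unreachable over {blocked}/53 only: that transport is filtered outbound"

if __name__ == "__main__":
    forwarder = sys.argv[1]  # forwarder IP from your own resolv.conf / named.conf
    q = build_query(".")     # ask for the root NS set
    results = [probe(h, p, q) for h in (forwarder, ROOT_SERVER) for p in ("udp", "tcp")]
    print(diagnose(*results))
```

Run it on the malfunctioning DNS host with the forwarder's IP as the only argument; the probes are ordered forwarder/udp, forwarder/tcp, root/udp, root/tcp.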